Vendor
Norton
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-13676 | Hig | 0.46 | 7.0 | 0.00 | Sep 28, 2017 | Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application. A Norton Remove & Reinstall update, version 4.4.0.58, has been released which addresses the aforementioned vulnerability. | |
| CVE-2017-15528 | Low | 0.24 | 3.7 | 0.00 | Nov 22, 2017 | Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target. |